In this context, a standard instance is to be understood as a person, a system or the like for which data worthy of protection exist. These object data contain object identification data, which allow an object to be identified, e.g. through a person's Social Insurance Number or user data that were generated and stored in connection with the respective object.
Since a growing number of databases, e.g. with personal data, exist or are being generated, increasing efforts are being made to protect object-specific data, such as personal particulars and data. On the other hand, personal data and the associated measurement and monitoring data, as well as historical data, are required for study purposes, for statistical analyses and for the implementation of legal provisions, e.g. in the health industry, and are then stored over extended periods for processing at a later date. The result is an increasing requirement for protection of stored data.
For that reason, attempts have always been made to benefit from having as many data records available as possible, on the one hand, without invading privacy, on the other. Existing approaches to the problem have therefore attempted to protect the data of each individual person subject to data protection against access by unauthorized users.
However, existing systems do not offer adequate protection against data being traced back by means of comparison, and thus do not prevent conclusions about the identity of the standard instance from being drawn by comparing the user data, e.g. the case history of a patient.
In existing data processing systems, this allocation is, for instance, centrally protected in the system by an access code and/or through the use of a list. Thus anybody who can obtain access to the data through this central access code can access all or large portions of the data stocks available. This not only presents problems in the event of a hacker attack against the system, but generally also raises the question of who controls the data inventories in the system and whether there is a danger of unauthorized data dissemination by system operators.